authorKir Kolyshkin <kolyshkin@gmail.com>2022-05-19 22:25:42 -0700
committerGopher Robot <gobot@golang.org>2022-08-19 16:12:50 +0000
commit3204e62dd1abe087430e37e8c33c3d010606aabe (patch)
treeb3d7db6f455734d265754007ffeea183d9e3687f /src/syscall/exec_linux.go
parentd654117075d1dd0686aa6833b22f28275623c759 (diff)
syscall: add new CLONE_ flags for Linux
The constants for these were auto-generated from the C includes into zerrors_linux* files quite some time ago. The generator is currently broken, but some new flags need to be added nevertheless. As the flags won't change and the values are the same for all architectures, we can just define them statically (as it's already done in the runtime package): - remove the CLONE_* constants from zerrors_linux_*.go; - patch mkerrors.sh to not generate CLONE_ constants (in case it will be fixed and used in the future); - add the constants and some comments about them to exec_linux.go, using Linux v5.17 include/uapi/sched.h as the ultimate source. This adds the following new flags: - CLONE_CLEAR_SIGHAND - CLONE_INTO_CGROUP - CLONE_NEWCGROUP - CLONE_NEWTIME - CLONE_PIDFD For #51246. Change-Id: I0c635723926218bd403d37e113ee4d62194463a8 Reviewed-on: https://go-review.googlesource.com/c/go/+/407574 Reviewed-by: Ian Lance Taylor <iant@google.com> Run-TryBot: Ian Lance Taylor <iant@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Joedian Reid <joedian@golang.org> Auto-Submit: Ian Lance Taylor <iant@google.com>
Diffstat (limited to 'src/syscall/exec_linux.go')
-rw-r--r--src/syscall/exec_linux.go39
1 files changed, 39 insertions, 0 deletions
diff --git a/src/syscall/exec_linux.go b/src/syscall/exec_linux.go
index 554aad412d..4ae7f33462 100644
--- a/src/syscall/exec_linux.go
+++ b/src/syscall/exec_linux.go
@@ -12,6 +12,45 @@ import (
"unsafe"
)
+// Linux unshare/clone/clone2/clone3 flags, architecture-independent,
+// copied from linux/sched.h.
+const (
+ CLONE_VM = 0x00000100 // set if VM shared between processes
+ CLONE_FS = 0x00000200 // set if fs info shared between processes
+ CLONE_FILES = 0x00000400 // set if open files shared between processes
+ CLONE_SIGHAND = 0x00000800 // set if signal handlers and blocked signals shared
+ CLONE_PIDFD = 0x00001000 // set if a pidfd should be placed in parent
+ CLONE_PTRACE = 0x00002000 // set if we want to let tracing continue on the child too
+ CLONE_VFORK = 0x00004000 // set if the parent wants the child to wake it up on mm_release
+ CLONE_PARENT = 0x00008000 // set if we want to have the same parent as the cloner
+ CLONE_THREAD = 0x00010000 // Same thread group?
+ CLONE_NEWNS = 0x00020000 // New mount namespace group
+ CLONE_SYSVSEM = 0x00040000 // share system V SEM_UNDO semantics
+ CLONE_SETTLS = 0x00080000 // create a new TLS for the child
+ CLONE_PARENT_SETTID = 0x00100000 // set the TID in the parent
+ CLONE_CHILD_CLEARTID = 0x00200000 // clear the TID in the child
+ CLONE_DETACHED = 0x00400000 // Unused, ignored
+ CLONE_UNTRACED = 0x00800000 // set if the tracing process can't force CLONE_PTRACE on this clone
+ CLONE_CHILD_SETTID = 0x01000000 // set the TID in the child
+ CLONE_NEWCGROUP = 0x02000000 // New cgroup namespace
+ CLONE_NEWUTS = 0x04000000 // New utsname namespace
+ CLONE_NEWIPC = 0x08000000 // New ipc namespace
+ CLONE_NEWUSER = 0x10000000 // New user namespace
+ CLONE_NEWPID = 0x20000000 // New pid namespace
+ CLONE_NEWNET = 0x40000000 // New network namespace
+ CLONE_IO = 0x80000000 // Clone io context
+
+ // Flags for the clone3() syscall.
+
+ CLONE_CLEAR_SIGHAND = 0x100000000 // Clear any signal handler and reset to SIG_DFL.
+ CLONE_INTO_CGROUP = 0x200000000 // Clone into a specific cgroup given the right permissions.
+
+ // Cloning flags intersect with CSIGNAL so can be used with unshare and clone3
+ // syscalls only:
+
+ CLONE_NEWTIME = 0x00000080 // New time namespace
+)
+
// SysProcIDMap holds Container ID to Host ID mappings used for User Namespaces in Linux.
// See user_namespaces(7).
type SysProcIDMap struct {
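Review bot: The comments above `CLONE_NEWTIME` and above `CLONE_CLEAR_SIGHAND`/`CLONE_INTO_CGROUP` name the syscalls that accept these flags, but they do not say what happens when a caller ORs them into a clone(2) flags word, and that is the case someone relying on namespace isolation needs spelled out. 0x80 lies inside the CSIGNAL mask, so clone(2) would read it as part of the exit signal and no time namespace would be created. The two clone3 values need more than 32 bits, so they cannot be held in a 32-bit flags word at all. If SysProcAttr.Cloneflags is handed to clone(2) (not visible in this hunk, so please confirm), I would extend the comment with something like `// Not valid in SysProcAttr.Cloneflags: clone(2) treats 0x80 as part of the exit signal, so no time namespace is created.` and add a matching line for the clone3-only flags. The const block lies fully inside the hunk; the SysProcIDMap declaration continues past its last line.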